Path Traversal Vulnerability in TeamCity Allows Limited Admin Actions
CVE-2024-27199
What is CVE-2024-27199?
JetBrains TeamCity versions prior to 2023.11.4 are susceptible to a path traversal vulnerability that enables unauthorized users to perform limited administrative actions. The flaw could allow attackers to exploit the system's structure, leading to the execution of unintended commands and unauthorized access. Updating to the latest version is important to safeguard against unauthorized access and maintain system integrity. Remote exploitation may allow attackers to navigate beyond restricted directories, posing risks to sensitive data and configurations.
CISA has reported CVE-2024-27199
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2024-27199 as being exploited and as known to enable ransomware campaigns.
CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
TeamCity 0 < 2023.11.4
News Articles
JetBrains patches new TeamCity authentication bypass bugs
TeamCity servers risk being exposed to “complete compromise” if patch isn’t installed, researchers warned.
PravinKarthik
Read all of the posts by PravinKarthik on TheCyberThrone
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
EPSS Score
91% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 💰 Used in Ransomware
- 👾 Exploit known to exist
- 🦅 CISA Reported
- 📰 First article discovered by Help Net Security
- Vulnerability published
- Vulnerability Reserved